From 0fd2f18240fff7dc249722f022749f69bcb09d09 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 19 Aug 2020 21:22:28 +0800 Subject: [PATCH] =?UTF-8?q?fix(authentication):=20=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=97=B6=E6=9C=89=E6=97=B6=E8=A7=A3=E5=AF=86?= =?UTF-8?q?=E5=A4=B1=E8=B4=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/utils.py | 8 +++++++- apps/jumpserver/views/other.py | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/apps/authentication/utils.py b/apps/authentication/utils.py index cb697c237..f6750a73d 100644 --- a/apps/authentication/utils.py +++ b/apps/authentication/utils.py @@ -34,7 +34,13 @@ def rsa_decrypt(cipher_text, rsa_private_key=None): if rsa_private_key is None: # rsa_private_key 为 None,可以能是API请求认证,不需要解密 return cipher_text + key = RSA.importKey(rsa_private_key) cipher = PKCS1_v1_5.new(key) - message = cipher.decrypt(base64.b64decode(cipher_text.encode()), 'error').decode() + cipher_decoded = base64.b64decode(cipher_text.encode()) + # Todo: 弄明白为何要以下这么写,https://xbuba.com/questions/57035263 + if len(cipher_decoded) == 127: + hex_fixed = '00' + cipher_decoded.hex() + cipher_decoded = base64.b16decode(hex_fixed.upper()) + message = cipher.decrypt(cipher_decoded, b'error').decode() return message diff --git a/apps/jumpserver/views/other.py b/apps/jumpserver/views/other.py index a0b386383..134d599a6 100644 --- a/apps/jumpserver/views/other.py +++ b/apps/jumpserver/views/other.py @@ -52,6 +52,7 @@ def redirect_format_api(request, *args, **kwargs): return JsonResponse({"msg": "Redirect url failed: {}".format(_path)}, status=404) +@csrf_exempt def redirect_old_apps_view(request, *args, **kwargs): path = request.get_full_path() if path.find('/core') != -1: